Having trouble keeping all the CPU vulns that dropped today straight? Understandable. There's a lot.

This is going to be a thread.

Multiple teams of security researchers around the world independently discovered these vulns and have been loosely coordinating to work on these disclosures together. This process was quite long; it took over a year. Four different whitepapers dropped today.

The mdsattacks.com site also contains a FAQ, videos of exploit demos, a really cool interactive guide to speculative execution attacks (seriously, go play with it) and handy tools to check if your system is vulnerable (links in next tweet).

Verify whether your system is vulnerable to the new MDS CPU attacks with these tools from the RIDL team!

These attacks affect all modern Intel CPUs in servers, desktops and laptops, including the latest 9th-gen processors that contain Meltdown mitigations. 9th-gen CPUs are actually more vulnerable to some of these attacks than older-gen hardware.

Related hashtags

@petecheslock's talk here is one of my favorite examples of how storytelling and narrative can be used effectively to put your talk together and make your point well.

@alicegoldfuss' Container Operator's Manual is a great example of how to make technical information easily understood and is my go-to link for people who want Containers 101 talks because it's just that good

Related threads

Good evening America! #Thread on the issues with ibuprofen & generic drugs in the U.S. (long)

Earlier this afternoon, we dropped a thread on the above topic that was very industry centric. Tonight we are going back through that thread and break it down for everyone.

This thread started with this opinion piece on foreign Pharma factories and what happens in them. nyti.ms/2Jihy9P The opinion piece is equal parts truth, common industry knowledge and a hard sell on the book.

First up; my favourite robot which keeps my home clean. The Roborock S55 uses SLAM technology with cameras & sensors to generate a model of the house. It cleans really well & it leaks even better as it doesn't use HTTPS to communicate. It misses its home and keeps calling back!

Next up; one of the cheapest smart cameras in the market. The Xiaomi XiaoFang WiFi camera does 1080p video and costs less than Rs. 1200. I have many around the house for security purposes. It is a great oxymoron as its a security device with no security.

#Thread of responses from women in aerodynamics to the question, 'what would you like to see in order for women's career progression in your field to be sustained and better supported?'

Responses incl. career flexibility, mentoring and more women in leadership roles #WomeninSTEM

1. "I think young female engineers need to see more female role models and mentors in my field. Having a visible example of someone that looks like you and is succeeding in their field is important. Having an opportunity to meet with a mentor like that can be very powerful."

2. "I would like to see that any career promotion is based on own merits and value added to the company or the society independently of the gender. I want that women are measured with the same rules as men and are given equal opportunities."

#Thread If I were Obama.
If I was Obama on January 5, 2017 sitting in the WH meeting with my AG, FBI, DOJ, Perkins Coie Counsel, WH counsel, ODNI, CIA etc.. with a portfolio of data we manufactured, collated, paid for and collected and an EO I had just singed in Dec of 2016 (1)

An Executive Order that makes it the law of the land "Taking Additional Steps to Address the National Emergency With Respect to Significant Malicious Cyber-Enabled Activities" calling our #russia and all the entities we referenced in our "Portfolio" (2)govinfo.gov/content/pkg/FR…

A portfolio we had in our hands that was lack luster, circular and completely manufactured... If I was Obama I would gear up and call upon all those "of our unique and comprehensive system of alliances and partnerships" to join me. To join me (3)

#THREAD
Gemalto has apologised for publishing erroneous report on Aadhaar data breach. But why would a world class firm mislead the people of India? What has Gemalto to gain from it? Does Gemalto has stakes in #Aadhaar? Lets see which journalist has the courage to report this.

To understand whats really going on you must first know the background of Gemalto and where it comes from, that would bring things into clear perspective. Then we would address the Aadhaar issue and how the People of India is being mislead by UIDAI.

#Thread#KeralaFloods Detailed thread to document the historic efforts of various online groups in rescue and relief operations. Trust me, Whatsapp and Google sheets were the powerful weapons we had. Pic: An online control room set by NRKs in house at Abu Dhabi (1/n)

It was the time we truly realised the power of social media and instant messaging services with regard to disaster management. Many were stranded on roof-tops without any other contact to the world other than their mobile phones. Whatsapp brilliantly solved the issue. (2/n)

Before going in detail let me point out the problem statements. 1) Govt issued some helpline numbers but most of them were busy with numerous calls 2) Thousands of SOS requests flooded in social media which were not addressed in a systematic manner, hence turned spams (3/n)